Beware of hey is this your skype profile pic messages

A new virus is making the rounds that is affecting the Skype communication software. The following messages are used to spread the virus: hey is this your skype profile pic or hey, is this your new profile picture, or hey, cool profile picture, is this it. Remember that it is likely that there are other variations in the wild.

The messages are followed by a shortened link using the goo.gl url shortener. Depending on your security setup, clicking on the link may be enough to infect your computer with the trojan. If you get a dialog that is asking you what to do, make sure you cancel it right away and do not open or save it to your computer.

The messages may come from your contacts, if their computer is already infected with it, or strangers that try to message you.

The trojan adds itself to the list of third party programs with Skype access, and this is one of the ways to find out whether your system is infected with it or not. When you are in Skype, click on Tools > Options to bring up the options window of the program. Locate and click on Advanced, and there on the manage other programs' access to Skype link at the bottom. If you see programs listed here that you can't identify, remove them from Skype.

You won't be sending out messages to Skype contacts anymore once the apps have been removed from Skype's third party access list.

As a second step, I'd recommend to run an up to date antivirus solution, Malwarebytes Antimalware Free or Dr.Web CureIt to make sure that no traces of the keylogger are left on the system. What it does in addition to sending out the messages to contacts, is to log what you enter using your keyboard. The keylogger logs all input, not only what you enter when using Skype. It is therefore essential to scan the computer with antivirus software to remove the keylogger from the system. I'd recommend running multiple programs just to make sure it is completely removed.

We have received word from Skype about the issue:

Skype takes the user experience very seriously, particularly when it comes to security. We are aware of this malicious activity and are working quickly to mitigate its impact. We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer. Additionally, following links – even when from your contacts – that look strange or are unexpected is not advisable.

Issue: *

Your Name:

Your Email:

Details:
*

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

About Martin Brinkmann

Martin Brinkmann is a journalist from Germany who founded Ghacks Technology News Back in 2005. He is passionate about all things tech and knows the Internet and computers like the back of his hand.
You can follow Martin on Facebook, Twitter or Google+

Comments

hey, i’m on a mac and i’ve got the message from one of my friends and i didn’t know what it was so i clicked on the link. then it downloaded a file to the mac but i couldn’t open the file. a couple of minutes later my antivirus (sophos antivirus) said that the mac was infected and asked me if i would like to remove the threats. i clicked on remove and then it remove the file that i couldn’t open. do you know if the virus works on mac’s or is it just a windows virus? i just want to be sure that it’s gone. i don’t think that i’ve sent any messages to anyone but i’m not sure.

I can’t say for sure but it is likely that it is Windows only. Have you checked the third party programs in Skype? This is usually a good indicator whether the malware was installed successfully on your system.

Thank you!! I got sent it by 2 people on my skype and was really worried… reading your article reasured me that i don’t have the trojan and i can finally rest :) Subed to ur FB, once again thank you :D

Seems like this virus is back… I got similar set of messages from people in my friend list over last couple of days. Am running an older version – 2.1.0.81 on Ubuntu. So not sure if I can locate the above mentioned trojan. There is no such thing like “Managed API access control”.

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.